package com.future.message.configuration.Security;

import com.future.message.Service.UserService;
import com.future.message.configuration.Filter.TokenAuthFilter;
import com.future.message.configuration.Filter.TokenLoginFilter;
import com.future.message.pojo.SecurityUser;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Lazy;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;


/**
 * @description:SpringSecurity配置类
 * @projectName:message
 * @see:com.future.message.configuration
 * @author:Xuyujie
 * @createTime:2021/12/3 21:55
 * @version:1.0
 */
@Configuration
//声明为SpringSecurity的配置类
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Qualifier("userDetailsImpl")
    @Autowired
    private UserDetailsService userDetailsService;

    /**
     *   token管理器
     */
    @Autowired
    private TokenManager tokenManager;

    @Autowired
    private UserService userService;

    @Lazy
    @Autowired
    private PasswordEncoder passwordEncoder;

    /**
     * 设置登录权限信息
     * @param http
     * @throws Exception
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
           http.exceptionHandling()
                   //没有权限访问
                   .authenticationEntryPoint(new UnauthEntryPoint())
                   .accessDeniedHandler(new SimpleAccessDeniedHandler())
                   .and().csrf().disable()
                   .authorizeRequests()
                   .anyRequest().authenticated()
                   .and()
                   .addFilter(new TokenLoginFilter(tokenManager,userService,authenticationManager()))
                   .addFilter(new TokenAuthFilter(authenticationManager(),tokenManager,userService));
    }


    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService)
                .passwordEncoder(passwordEncoder);
    }

    /**
     * 密码加密对象
     * @return
     */
    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers( "/swagger-ui.html"
                , "/webjars/**"
                , "/v2/**"
                , "/swagger-resources/**");
    }

    public static SecurityUser getUserInfo(){
        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        SecurityUser securityUser = (SecurityUser) principal;
        return securityUser;
    }
}
